App Store requirements

Apple encryption export regulations for Themis #

If your application uses Themis and you want to submit it to the Apple App Store, you are required to do the following:

  1. Indicate that you’re using cryptography when submitting your application for review.

    Select “YES” to say that your application incorporates cryptography.

  2. Apply for the “open source” exemption.

    When filling the next step in the App Store submission form, select “NO” in the Export Compliance section.

    Themis cryptographic library is exempt from the need for detailed classification. Themis uses standard publicly available ciphers provided by open source OpenSSL and BoringSSL libraries on Apple platforms.

  3. Send an annual (year-end) self-classification report to the US government to comply with the encryption export regulations.

Read more in the official Apple export compliance overview and BIS guidelines (you might need to use a VPN to access it).

Submitting an annual self-classification report to Apple #

The procedure is as follows.

  1. Download a copy of the sample CSV file from the BIS website.
  2. Fill it out with your own details.
  3. Email your CSV file to crypt-supp8@bis.doc.gov and enc@nsa.gov.

These are the values that most of our customers use in their CSV reports:

ECCN: 5D992.c


ITEM TYPE: Mobility and mobile applications n.e.s.



Please see How to file an Annual Self Classification Report by the Bureau of Industry and Security for more details.

Additional resources #

For further guidance, see these resources: